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CLAIMS 

What is claimed is: 

1 1. A system comprising: 

2 a non-volatile data storage device, configure as one or 

3 more storage regions, to store one or more bytes of data; 

4 a program store to store one or more processor- readable 

5 instructions to ascertain the validity of the data stored in 

6 the non-volatile storage device and if invalid to replace the 

7 data with an earlier stored valid image of the data; and 

8 a processing unit couple to the storage device and 

9 program store, to read and process the one or more 
10 instructions in the process store. 

1 2. The system of claim 1 wherein the processing unit 

2 processes the instructions in the program store as part of its 

3 start-up procedure. 

1 3 . The system of claim 1 wherein the data stored in the non- 

2 volatile data store is the Basic Input Output System (BIOS) 

3 for a processing device. 

1 4. The system of claim 1 wherein the processor-readable 

2 instructions in the program store ascertain the validity of 

3 the data stored in the non-volatile storage device on a region 

4 by region basis. 

1 5. The system of claim 1 wherein the earlier stored valid 

2 image of the data is stored in a location that cannot be 

3 modified without system authorization. 

1 6. The system of claim 5 wherein system authorization 

2 includes 
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3 employing a system interface to perform modifications to 

4 the data stored in the non-volatile data storage device. 

1 7. The system of claim 1 wherein ascertaining the validity 

2 of the data stored in the non-volatile storage device includes 

3 determining if the current data in the non-volatile 

4 storage device is different than the earlier stored valid 

5 image of the data. 

1 8. The system of claim 1 wherein ascertaining the validity 

2 of the data stored in the non- volatile storage device includes 

3 determining if an integrity metric corresponding to the 

4 current data in the non-volatile storage device is different 

5 than the same integrity metric corresponding to the earlier 

6 stored valid image of the data. 

□ 1 9. The system of claim 1 further comprising: 

in o 

2. generating a copy the current data in the non-volatile 

jjf 3 storage device if an authorized application modifies the 

M 4 current data; and 

'~ 5 storing the copy as a valid image of the current data. 

UJ 1 10. A method comprising: 

[ n 2 reading the content currently stored in a non-volatile 

O 3 storage device; 

4 determining if the current content has been modified 

5 without authorization; and 

6 replacing the current content with a previously stored 

7 valid image of the content if the current content is 

8 determined to have been modified without authorization. 

1 11. The method of claim 10 further comprising: 

2 reading the image of the previously stored content; and 

3 comparing the previously stored content to the current 

4 content to determine if the current content has been modified. 
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1 12. The method of claim 10 wherein determining if the current 

2 content has been modified without authorization includes 

3 comparing a previously stored checksum, corresponding to 

4 the valid image of the previously stored content, and the 

5 checksum corresponding to the current content. 

1 13. The method of claim 10 wherein determining if the current 

2 content has been modified without authorization includes 

3 comparing a previously stored cyclic redundancy check 

4 value, corresponding to the valid image of the previously 

5 stored content, and the cyclic redundancy check value 

6 corresponding to the current content. 

1 14. The method of claim 10 wherein determining if the current 
;« 2 content has been modified without authorization includes 

rt 3 comparing a previously stored bit mask, corresponding to 

^ 4 the valid image of previously stored content, and the 

m 

1 55 5 corresponding bits of the current content. 

\I 

^ 1 15. The method of claim 10 further comprising: 

2 storing a valid image of the current content for later 
O 3 use . 

! ilsJ 

1 16. The method of claim 10 wherein the content is read from 

; s 

M= 2 the non-volatile storage device as part of a start-up 

3 procedure . 

1 17. A method comprising: 

2 arranging a non- volatile storage device into one or more 

3 storage regions; 

4 generating an integrity metric corresponding to the valid 

5 content stored in a first region of the non- volatile storage 

6 device; and 
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7 storing the integrity metric to later determine if the 

8 content in the first region has been modified without 

9 authorization. 

1 18. The method of claim 17 further comprising: 

2 comparing a previously stored integrity metric, 

3 corresponding to an earlier version of the content stored in 

4 the first region, to a newly calculated integrity metric 

5 corresponding to the current content stored in the first 

6 region to determine if an unauthorized modification has 

7 occurred. 

1 19. The method of claim 17 further comprising: 

2 replacing the first region with an earlier version of the 

3 content therein if it is determined that there was an 

4 unauthorized modification. 

1 20. A method comprising: 

2 arranging a non-volatile storage device into one or more 

3 storage regions; and 

4 comparing the current content in the first region to an 

5 earlier stored image of the content in the first region; and 

6 replacing the current content stored in the first region 

7 with the previously stored content of the first region if it 

8 is determined that there was an unauthorized modification of 

9 the current content . 

1 21. The method of claim 20 wherein the method is implemented 

2 as part of a start-up procedure. 

1 22. The method of claim 20 wherein the non-volatile device is 

2 arranged into one or more logical regions, each region of one 

3 or more bytes . 

1 23. A method comprising: 
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2 arranging a non-volatile storage device into one or more 

3 storage regions; 

4 verifying that the content in the non-volatile storage 

5 device is valid; and 

6 encrypting the content in a first region by use a first 

7 encryption key to protect it from unauthorized access. 

1 24. The method of claim 23 further comprising: 

2 protecting the content of the first region from 

3 unauthorized modification by use of an integrity metric. 

1 25. The method of claim 23 further comprising: 

2 protecting the content of the content of a second region 

3 with a second encryption key. 

1 26. A machine -readable medium having one or more instructions 

2 secure content in a non-volatile storage device against 

3 unauthorized use, which when executed by a processor, causes 

4 the processor to perform operations comprising: 

5 reading the content currently stored in a non-volatile 

6 storage device; 

7 determining if the current content has been modified 

8 without authorization; and 

9 replacing the current content with a previously stored 

10 image of the content if the current content is determined to 

11 have been modified without authorization. 

1 27. The machine- readable medium of claim 26 wherein 

2 determining if the current content has been modified without 

3 authorization includes 

4 reading an image of previously stored content; and 

5 comparing the previously stored content to the current 

6 content to determine if the current content has been modified. 
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1 28. The machine- readable medium of claim 26 wherein 

2 determining if the current content has been modified without 

3 authorization includes 

4 comparing a previously stored checksum corresponding to a 

5 valid image of previously stored content and the checksum 

6 corresponding to the current content. 

1 29. The machine-readable medium of claim 26 wherein 

2 determining if the current content has been modified without 

3 authorization includes 

4 comparing a previously stored cyclic redundancy check 

5 value corresponding to a valid image of previously stored 

6 content and the cyclic redundancy check value corresponding to 

7 the current content. 

1 30. The machine -readable medium of claim 26 wherein 

2 determining if the current content has been modified without 

3 authorization includes 

4 comparing a previously stored bit mask corresponding to a 

5 valid image of previously stored content and the corresponding 

6 bits of the current content. 
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